Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\ALENA\AppData\Local\Microsoft\Windows\toolbar.exe','');
QuarantineFile('C:\ProgramData\Kbrowser utility\kbrowser-updater-utility.exe','');
QuarantineFile('C:\Users\ALENA\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\ALENA\AppData\Roaming\newSI_610\s_inst.exe','');
QuarantineFile('C:\Users\ALENA\AppData\Roaming\newSI_606\s_inst.exe','');
DelBHO('{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}');
QuarantineFile('C:\Program Files (x86)\IQIYI Video\Common\Accelerator\IEHelper.dll','');
QuarantineFile('C:\Users\ALENA\AppData\Roaming\Browsers\exe.resworb-mooronik.bat','');
QuarantineFile('C:\Users\ALENA\AppData\Roaming\Browsers\exe.erolpxei.bat','');
QuarantineFile('C:\Users\ALENA\AppData\Roaming\Browsers\exe.emorhc.bat','');
QuarantineFile('C:\Users\ALENA\AppData\Local\storegid\storegid.exe','');
QuarantineFile('C:\ProgramData\IePluginServices\PluginService.exe','');
DeleteService('IePluginServices');
DeleteService('WindowsMangerProtect');
QuarantineFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe','');
QuarantineFile('C:\Users\ALENA\AppData\Roaming\VOPackage\VOsrv.exe','');
DeleteService('servervo');
QuarantineFile('C:\Windows\system32\drivers\{b0cb4e30-3ba7-42c8-b355-a89ba6e79c4c}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{4fb14cf7-68ed-4851-b31a-2ffde2f748ba}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{2e8cd9f8-615c-4de8-88d4-cb904b118f81}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{1a1d3262-ea38-4e09-b480-4c4c56f4843c}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw64.sys','');
DeleteFile('c:\users\alena\appdata\local\amigo\application\amigo.exe','32');
DeleteFile('C:\Windows\system32\drivers\{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{1a1d3262-ea38-4e09-b480-4c4c56f4843c}Gw64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{2e8cd9f8-615c-4de8-88d4-cb904b118f81}Gw64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{4fb14cf7-68ed-4851-b31a-2ffde2f748ba}Gw64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{b0cb4e30-3ba7-42c8-b355-a89ba6e79c4c}Gw64.sys','32');
DeleteFile('C:\Users\ALENA\AppData\Roaming\VOPackage\VOsrv.exe','32');
DeleteFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe','32');
DeleteFile('C:\ProgramData\IePluginServices\PluginService.exe','32');
DeleteFile('C:\Users\ALENA\AppData\Local\storegid\storegid.exe','32');
DeleteFile('C:\Users\ALENA\AppData\Roaming\Browsers\exe.emorhc.bat','32');
DeleteFile('C:\Users\ALENA\AppData\Roaming\Browsers\exe.erolpxei.bat','32');
DeleteFile('C:\Users\ALENA\AppData\Roaming\Browsers\exe.resworb-mooronik.bat','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\storegid','command');
DeleteFile('C:\Program Files (x86)\IQIYI Video\Common\Accelerator\IEHelper.dll','32');
DeleteFile('C:\Users\ALENA\AppData\Roaming\newSI_606\s_inst.exe','32');
DeleteFile('C:\Program Files (x86)\IQIYI Video\LStyle\MobProtect.exe','32');
DeleteFile('C:\Windows\Tasks\MobProtect.job','64');
DeleteFile('C:\Windows\Tasks\newSI_606.job','64');
DeleteFile('C:\Windows\Tasks\newSI_610.job','64');
DeleteFile('C:\Users\ALENA\AppData\Roaming\newSI_610\s_inst.exe','32');
DeleteFile('C:\Users\ALENA\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\Tasks\Price Fountain.job','64');
DeleteFile('C:\Windows\system32\Tasks\kbrowser-updater-utility','64');
DeleteFile('C:\ProgramData\Kbrowser utility\kbrowser-updater-utility.exe','32');
DeleteFile('C:\Windows\system32\Tasks\newSI_610','64');
DeleteFile('C:\Windows\system32\Tasks\newSI_606','64');
DeleteFile('C:\Windows\system32\Tasks\Price Fountain','64');
DeleteFile('C:\Windows\system32\Tasks\SystemScript','64');
DeleteFile('C:\Users\ALENA\AppData\Local\Microsoft\Windows\toolbar.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.